[02/38] char: remove use-after-free on win-stdio

Message ID	20161022095318.17775-3-marcandre.lureau@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com> To: qemu-devel@nongnu.org Date: Sat, 22 Oct 2016 12:52:42 +0300 Message-Id: <20161022095318.17775-3-marcandre.lureau@redhat.com> In-Reply-To: <20161022095318.17775-1-marcandre.lureau@redhat.com> References: <20161022095318.17775-1-marcandre.lureau@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: [Qemu-devel] [PATCH 02/38] char: remove use-after-free on win-stdio Precedence: list Cc: pbonzini@redhat.com, =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Message ID

20161022095318.17775-3-marcandre.lureau@redhat.com

State

New

Headers

From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
To: qemu-devel@nongnu.org
Date: Sat, 22 Oct 2016 12:52:42 +0300
Message-Id: <20161022095318.17775-3-marcandre.lureau@redhat.com>
In-Reply-To: <20161022095318.17775-1-marcandre.lureau@redhat.com>
References: <20161022095318.17775-1-marcandre.lureau@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: [Qemu-devel] [PATCH 02/38] char: remove use-after-free on win-stdio
Precedence: list
Cc: pbonzini@redhat.com,
	=?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Commit Message

Marc-André Lureau Oct. 22, 2016, 9:52 a.m. UTC

Found by reviewing the code, win_stdio_close() is called by
qemu_chr_free() which then call qemu_chr_free_common() taking care of
freeing CharDriverState*.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
 qemu-char.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/qemu-char.c b/qemu-char.c
index d83a896..9165051 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2435,7 +2435,6 @@  static void win_stdio_close(CharDriverState *chr)
     }
 
     g_free(chr->opaque);
-    g_free(chr);
 }
 
 static CharDriverState *qemu_chr_open_stdio(const char *id,

[02/38] char: remove use-after-free on win-stdio

Commit Message

Patch